IOC Radar
IPMediumSignal 38/100

60.249.14.39

Location
Taiwan, Province of ChinaTaiwan, Province of China
Taichung, TXG
ASN
AS3462
Chunghwa Telecom Co. Ltd.
First Seen
Apr 16, 2026
Last Seen
Apr 23, 2026
Apr 16
First Seen
58d ago
Apr 23
Last Seen
51d ago
5
Reports
source reports
38%
Confidence
medium
3/91
VirusTotal
detections
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
38%
Signal Score
38 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

21 techniques

Network Information

CountryTWTaiwan, Province of China
RegionTaichung, TXG
ASNAS3462
OrganizationChunghwa Telecom Co. Ltd.

Feed Intelligence Summary

5 reports38% confidence
5
Source reports
38%
Confidence score
Category tags
active scanagentaptasiaattackbackbad reputationcloudcontactdemodevtcpipportenumerateexploitation activitygrephuntindicatoripv4kagentmalwaremarimonetworknkabusenkn blockchainpostgresqlpythonrebootresearchedreverse shellselectspacesstrongsysdigt1016t1021.004t1027.002t1033t1053t1053.003t1059.004t1059.006t1071.004t1082t1083t1090t1095t1105t1140t1190t1543.001t1543.002t1552.001t1571t1573.002taiwantargetthreat actortor node

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
38
SIGNAL
Signal Score
38%
Confidence
5
Reports
First seenApr 16, 2026
Last seenApr 23, 2026
GeolocationTW
CountryTaiwan, Province of China
LocationTaichung, TXG
ASNAS3462
OrgChunghwa Telecom Co. Ltd.
Coords24.1440, 120.6844

VirusTotal

3/ 91vendors flagged
3% detection rateJun 5, 2026

WHOIS

description
CC=TW ASN=AS3462 data communication business group
raw
inetnum: 60.249.0.0 - 60.249.255.255 netname: HINET-NET descr: Data Communication Business Group, descr: Chunghwa Telecom Co.,Ltd. descr: No.21, Sec.1, Xinyi Rd., Taipei City descr: 10048, Taiwan country: TW admin-c: HN27-AP tech-c: HN27-AP abuse-c: AT939-AP status: ALLOCATED PORTABLE mnt-by: MAINT-TW-TWNIC mnt-irt: IRT-HINET-AP last-modified: 2025-11-07T02:38:36Z source: APNIC irt: IRT-HINET-AP address: Chunghwa Telecom Co.,Ltd. address: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C. address: Taipei phone: +886-2-2322-3495 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TR391-AP tech-c: TR391-AP remarks: (oid:HINET) auth: # Filtered mnt-by: MAINT-TW-TWNIC last-modified: 2025-11-06T07:20:07Z source: APNIC role: ABUSE TWNICAP country: ZZ address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan phone: +000000000 e-mail: [email protected] admin-c: TWA2-AP tech-c: TWA2-AP nic-hdl: AT939-AP remarks: Generated from irt object IRT-TWNIC-AP remarks: [email protected] was validated on 2025-05-23 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-05-23T00:02:10Z source: APNIC person: HINET Network-Adm address: CHTD, Chunghwa Telecom Co., Ltd. address: No. 21, Sec. 21, Hsin-Yi Rd., address: Taipei Taiwan 100 country: TW phone: +886 2 2322 3495 phone: +886 2 2322 3442 phone: +886 2 2344 3007 fax-no: +886 2 2344 2513 fax-no: +886 2 2395 5671 e-mail: [email protected] nic-hdl: HN27-AP remarks: (hid:HN184-TW) mnt-by: MAINT-TW-TWNIC last-modified: 2025-08-28T07:34:45Z source: APNIC inetnum: 60.249.14.0 - 60.249.14.255 netname: HINET-NET descr: Chunghwa Telecom Co.,Ltd. descr: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C. descr: Taipei Taiwan country: TW admin-c: HN184-TW tech-c: HN184-TW mnt-by: MAINT-TW-TWNIC changed: [email protected] 20060731 status: ASSIGNED NON-PORTABLE remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. source: TWNIC person: HINET Network-Adm address: Changhua Telecom Co., Ltd. address: No. 21, Sec. 21, Hsin-Yi Rd. address: Taipei Taiwan country: TW phone: +886-2-2322-3495 fax-no: +886-2-2344-2513 e-mail: [email protected] nic-hdl: HN184-TW changed: [email protected] 20130307 remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. source: TWNIC
references
https://www.sysdig.com/blog/cve-2026-39987-update-how-attackers-weaponized-marimo-to-deploy-a-blockchain-botnet-via-huggingface, IOCs.2026.csv, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://www.sysdig.com/blog/cve-2026-39987-update-how-attackers-weaponized-marimo-to-deploy-a-blockchain-botnet-via-huggingface#conclusion

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 5 threat reports